Base URL
https://[instance].service-now.com/api/now/table/[table_name]Authentication
Three options in order of preference:
- OAuth 2.0 — Bearer token in Authorization header (recommended for production)
- Basic Auth — Base64 encoded username:password in Authorization header
- API Key — if configured in your instance
Authorization: Bearer [access_token]
Authorization: Basic [base64(user:password)]GET — retrieve records
GET /api/now/table/incident?sysparm_query=active=true^state=1
&sysparm_limit=10
&sysparm_offset=0
&sysparm_fields=number,short_description,state,assigned_to
&sysparm_display_value=trueKey parameters:
sysparm_query— encoded query string (same syntax as GlideRecord)sysparm_limit— max records to return (default 10, max 10000)sysparm_offset— for pagination, skip first N recordssysparm_fields— comma-separated list of fields to returnsysparm_display_value— true to return display values, false for raw values, all for both
GET — retrieve single record by sys_id
GET /api/now/table/incident/[sys_id]POST — create a record
POST /api/now/table/incident
Content-Type: application/json
{
"short_description": "Printer not working",
"urgency": "2",
"category": "hardware",
"caller_id": "6816f79cc0a8016401c5a33be04be441"
}Response: 201 Created with the new record in the body.
PATCH — update a record
PATCH /api/now/table/incident/[sys_id]
Content-Type: application/json
{
"state": "6",
"resolution_notes": "Printer driver reinstalled"
}DELETE — delete a record
DELETE /api/now/table/incident/[sys_id]Response: 204 No Content. Use carefully — this is a hard delete.
Pagination
// Page 1: offset=0, limit=100
// Page 2: offset=100, limit=100
// Page 3: offset=200, limit=100Check the X-Total-Count response header to get the total number of matching records.
Common errors
- 401 — Authentication failed, check token/credentials
- 403 — Authenticated but no ACL access to the table or record
- 404 — Record not found (check sys_id, check table name)
- 429 — Rate limited, implement exponential backoff